Role-Based Access Control Models
Computer
On specifying security policies for web documents with an XML-based language
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
A fine-grained access control system for XML documents
ACM Transactions on Information and System Security (TISSEC)
Securing XML Documents with Author-X
IEEE Internet Computing
Safeguarding and Charging for Information on the Internet
ICDE '98 Proceedings of the Fourteenth International Conference on Data Engineering
An Efficient Software Protection Scheme
IFIP/Sec '01 Proceedings of the IFIP TC11 Sixteenth Annual Working Conference on Information Security: Trusted Information: The New Decade Challenge
Going Beyond MAC and DAC Using Mobile Policies
IFIP/Sec '01 Proceedings of the IFIP TC11 Sixteenth Annual Working Conference on Information Security: Trusted Information: The New Decade Challenge
Certificate-based access control for widely distributed resources
SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8
Privacy guaranteeing execution containers: one time use of personal data by location based services
Proceedings of the 1st international conference on MOBILe Wireless MiddleWARE, Operating Systems, and Applications
Privacy from promises to protection: privacy guaranteeing execution container
Mobile Networks and Applications
A semantic approach for access control in web services
EuroWeb'02 Proceedings of the 2002 international conference on EuroWeb
Hi-index | 0.01 |
Distributed systems usually contain objects with heterogeneous security requirements that pose important challenges on the underlying security mechanisms and especially in access control systems. Access control in distributed systems often relies on centralized security administration. Existing solutions for distributed access control do not provide the flexibility and manageability required. This paper presents the XML-based Secure Content Distribution (XSCD) infrastructure is based on the production of self-protected software objects that convey contents (software or data) and can be distributed without further security measures because they embed the access control enforcement mechanism. It also provides means for integrating Privilege Management Infrastructures (PMIs). Semantic information is used in the dynamic instantiation and semantic validation of policies. XSCD is scalable, facilitates the administration of the access control system, guarantees the secure distribution of the contents, enables semantic integration and interoperability of heterogeneous sources, solves the "originator retained control" issue and allows activities (such as payment) to be bound to the access to objects.